Apple Details iOS Security Features in New Guide

Apple has released a detailed security guide for its iOS operating system, an unprecedented move for a company known for not discussing the technical details of its products, let alone the security architecture. The document lays out the system architecture, data protection capabilities and network security features in iOS, most of which had been known before but hadn’t been publicly discussed by Apple.

The iOS Security guide, released within the last week, represents Apple’s first real public documentation of the security architecture and feature set in iOS, the operating system that runs on iPhones, iPads and iPod Touch devices. Security researchers have been doing their best to reverse engineer the operating system for several years, and much of what’s in the new Apple guide has been discussed in presentations and talks by researchers.

One of the more-discussed security elements in iOS is the implementation of ASLR (address space layout randomization), an exploit mitigation that’s designed to make it harder for attackers to exploit memory corruption bugs. Researchers discovered the addition of ASLR to iOS, but Apple never really talked about it.

“Built-in apps use ASLR to ensure that all memory regions are randomized upon launch. Additionally, system shared library locations are randomized at each device startup. Xcode, the iOS development environment, automatically compiles third-party programs with ASLR support turned on,” the security guide says.

The document also talks in detail about the way that Apple’s code-signing process for iOS apps works. The process is key to the company’s ability to control which apps are allowed to run on iOS devices and also a central part of its security architecture. This code-signing system is one of the main features cited by security experts when they discuss the security capabilities of iOS relative to Android and other mobile operating systems.

“To ensure that all apps come from a known and approved source and have not been tampered with, iOS requires that all executable code be signed using an Apple-issued certificate. Apps provided with the device, like Mail and Safari, are signed by Apple. Third-party apps must also be validated and signed using an Apple-issued certificate. Mandatory code signing extends the concept of chain of trust from the OS to apps, and prevents third-party apps from loading unsigned code resources or using self-modifying code,” Apple’s security guide says.

“In order to develop and install apps on iOS devices, developers must register with Apple and join the iOS Developer Program. The real-world identity of each developer, whether an individual or a business, is verified by Apple before their certificate is issued. This certificate enables developers to sign apps and submit them to the App Store for distribution. As a result, all apps in the App Store have been submitted by an identifiable person or organization, serving as a deterrent to the creation of malicious apps. They have also been reviewed by Apple to ensure they operate as described and don’t contain obvious bugs or other problems. In addition to the technology already discussed, this curation process gives customers confidence in the quality of the apps they buy.”

Charlie Miller, a principal research consultant at Accuvant and co-author of the recent iOS Hacker’s Handbook, said that while there isn’t a lot of new information in the Apple security guide, its publication is an important event.

“Apple doesn’t really talk about their security mechanisms in detail. When they introduced ASLR, they didn’t tell anybody. They didn’t ever explain how codesigning worked,” Miller said. “There isn’t anything really new in that doc, which means that the research community ‘worked’, that is without anybody telling us, we figured out how the thing worked and why it was good (or not so much).”

About Dennis Fisher

Dennis Fisher is a journalist with more than 13 years of experience covering information security.

I expect to see Apple migrate much of this security mechanism to Mac OS X. This could also enable Apple to restrict distribution in the same way they have done for iOS applications. While Apple would financially benefit from requiring distribution only via AppStore, this would be difficult to impose upon major software vendors. If exceptions were made for large vendors then various anti-trust arguments might be raised by lesser vendors.
